1. Field
The present invention relates generally to digital content protection in computer and consumer electronics systems and, more specifically, to adapting security levels for program modules to a desired performance attribute or to other requirements.
2. Description
The personal computer (PC) platform is an open and accessible computer architecture. However, the openness of the PC means that it is a fundamentally insecure computing platform. Both the hardware and software can be accessed for observation and modification. This openness allows malicious users and programs to observe and to modify executing code, perhaps with the aid of software tools such as debuggers and system diagnostic tools. Despite these risks, there are classes of operations that must be performed securely on the fundamentally insecure PC platform. These are applications where the basic integrity of the operation must be assumed, or at least verified, to be reliable. Examples of such operations include financial transactions and other electronic commerce, unattended access authorization, and digital content management.
For content providers, countering the threat of digital piracy on the PC requires new software that is resistant to attacks by a malicious user. In this scenario, the malicious user may wish to tamper with or replace particular components of the software in order to gain unauthorized access to digital content or to make unauthorized reproductions. A cryptosystem based on cryptographic methods employed in conjunction with the software may be used to help protect the content owner's rights. Content may be encrypted to provide some measure of protection, but the software accessing the decrypted content during playback is still vulnerable to attack.
Digital content is usually accessed by a player application and associated components running on the PC or another electronic device. Players are typically not designed with security in mind. If a level of security is, however, set for a player application, it is usually the same level for all instances of the player application. Additionally, content may be protected by a certain level of security by the content provider, but that level of security is typically the same for all copies of the content.
Although known techniques may generally provide an adequate level of security, improvements can still be made to further secure software and content, and stay one step ahead of digital content pirates. What is needed is a method that will allow a player or other application program on the fundamentally insecure, open PC to apply different levels of security to access to content, whereby the security level may be set by a content provider or distributor prior to distribution of the content.